hosts/prefect/nsd: Add pyrox.dev NS records
This commit is contained in:
parent
6829cbc597
commit
22846627b8
2 changed files with 92 additions and 0 deletions
|
@ -62,6 +62,14 @@ in {
|
|||
provideXFR = provideXFRServers;
|
||||
notify = notifyServers;
|
||||
};
|
||||
"pyrox.dev" = {
|
||||
# Enable DNSSEC for mrhedge.me
|
||||
## Disabled until nixpkgs issue #169442 is fixed.
|
||||
dnssec = false;
|
||||
data = dns.toString "pyrox.dev" (import ./pyrox.dev.nix {inherit dns;});
|
||||
provideXFR = provideXFRServers;
|
||||
notify = notifyServers;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
84
hosts/prefect/services/nsd/pyrox.dev.nix
Normal file
84
hosts/prefect/services/nsd/pyrox.dev.nix
Normal file
|
@ -0,0 +1,84 @@
|
|||
{dns, ...}:
|
||||
with dns.combinators; {
|
||||
SOA = {
|
||||
nameServer = "ns1.pyrox.dev.";
|
||||
adminEmail = "me@thehedgehog.me";
|
||||
serial = 2022121601;
|
||||
# Refresh the records every hour
|
||||
refresh = 3600;
|
||||
# If retry fails, retry after 10 minutes
|
||||
retry = 600;
|
||||
# Expire every 2 weeks
|
||||
expire = 14 * 24 * 60 * 60;
|
||||
};
|
||||
|
||||
# Set Primary root records
|
||||
A = ["5.161.140.5"];
|
||||
AAAA = ["2a01:4ff:f0:98bf::1"];
|
||||
|
||||
# Set primary nameserver to my nameserver.
|
||||
NS = [
|
||||
"ns1.pyrox.dev."
|
||||
"ns2.pyrox.dev."
|
||||
"ns2.afraid.org."
|
||||
"ns2.he.net."
|
||||
"ns3.he.net."
|
||||
];
|
||||
|
||||
TXT = [
|
||||
(with spf; strict [""])
|
||||
# PGP Key fingerprint for Keyoxide
|
||||
"https://keyoxide.org/4CA972FBADC814160F103138FE1D8A7D620C611F"
|
||||
];
|
||||
|
||||
DKIM = [{selector = "*"; p="";}];
|
||||
## Set DMARC Policy
|
||||
DMARC = [{
|
||||
p = "reject";
|
||||
sp = "reject";
|
||||
adkim = "strict";
|
||||
aspf = "strict";
|
||||
}];
|
||||
|
||||
|
||||
CAA = letsEncrypt "me@thehedgehog.me";
|
||||
|
||||
subdomains = rec {
|
||||
prefect = host "5.161.140.5" "2a01:4ff:f0:98bf::1";
|
||||
|
||||
ns1.A = ["5.161.140.5"];
|
||||
ns1.AAAA = ["2a01:4ff:f0:98bf::1"];
|
||||
ns2.A = ["5.161.140.5"];
|
||||
ns2.AAAA = ["2a01:4ff:f0:98bf::1"];
|
||||
|
||||
adguard = prefect;
|
||||
auth = prefect;
|
||||
bw = prefect;
|
||||
cache = prefect;
|
||||
dash = prefect;
|
||||
dav = prefect;
|
||||
deemix = prefect;
|
||||
dn42 = prefect;
|
||||
git = prefect;
|
||||
grocy = prefect;
|
||||
hydra = prefect;
|
||||
matrix = prefect;
|
||||
media = prefect;
|
||||
link = prefect;
|
||||
reddit = prefect;
|
||||
rss = prefect;
|
||||
rss-bridge = prefect;
|
||||
sis = host "116.203.62.235" "2a01:4f8:1c1c:9cf3::1";
|
||||
stats = prefect;
|
||||
sync = prefect;
|
||||
todo = prefect;
|
||||
wm = prefect;
|
||||
openpgpkey = prefect;
|
||||
|
||||
# Externally hosted stuff
|
||||
mc.NS = [ "galileo.aternos.org." "columbus.aternos.org." ];
|
||||
|
||||
## Statuspage, hosted at PikaPods
|
||||
status.CNAME = ["thankful-junglefowl.pikapod.net."];
|
||||
};
|
||||
}
|
Loading…
Reference in a new issue